Skip to content

docs: privacy impact assessment + tenancy defense-in-depth review#330

Merged
BigSimmo merged 3 commits into
mainfrom
claude/privacy-tenancy-review
Jul 6, 2026
Merged

docs: privacy impact assessment + tenancy defense-in-depth review#330
BigSimmo merged 3 commits into
mainfrom
claude/privacy-tenancy-review

Conversation

@BigSimmo

@BigSimmo BigSimmo commented Jul 6, 2026

Copy link
Copy Markdown
Owner

What this is

Analysis-only. No product code changes — two new documents under docs/.

Produced by a multi-agent audit: one auditor agent per API route family, with every claimed gap independently re-verified against source and the live Supabase project (sjrfecxgysukkwxsowpy, region ap-southeast-2 / Sydney).

Deliverable 1 — docs/privacy-impact-assessment.md

Full clinical-data flow map (the incidental-PHI path where a clinician types patient details into a query). Covers:

  • What reaches OpenAI (raw query + retrieved excerpts, US endpoint, store:false, forced 24h prompt cache) and the cross-border (APP 8) posture.
  • Logging/redaction per table — the audit's M15 HMAC query-hash fix is verified present (query-privacy.ts:17-23) but downgrades to unsalted SHA-256 if RAG_QUERY_HASH_SECRET is unset, which nothing enforces in prod.
  • Retention/purge — both pg_cron purges (rag_queries 30d, rag_retrieval_logs 90d) verified live and active; rag_query_misses has no purge.
  • Data residency — at-rest data is onshore (Sydney); only OpenAI inference crosses to the US.
  • APP / WA health-records assessment and a risk-ranked gap register (PIA-1…7).

Deliverable 2 — docs/tenancy-defense-in-depth-review.md

Adversarial audit of all 33 API routes for a missed/bypassable owner_id filter (RLS is deliberately service-role-only, so the app layer is the only boundary).

  • Result: 0 confirmed cross-tenant leaks. Per-route verdict table + RPC SQL-body owner-filter table + response-cache analysis.
  • Key caveat: the SQL owner helper retrieval_owner_matches fails open on a NULL filter — the DB has no independent tenancy floor; only the app-layer throw-on-missing-owner prevents a leak.
  • Honest cost/benefit on owner-scoped RLS as a second layer: recommends cheaper, higher-leverage fixes first (fail-closed RPCs + CI guard + cross-tenant integration test) over a full RLS refactor.
  • One low-severity non-tenancy finding (setup-status:165 raw error string) + two latent/operator notes.

Notes

  • Not legal advice; the privacy assessment is written to hand to a privacy officer / counsel.
  • No ingestion/answer-generation/search/privacy behaviour changes → clinical governance preflight N/A (docs only).

🤖 Generated with Claude Code

Analysis-only (no product code changes). Two documents from a multi-agent
audit (one auditor per API route family) with independent adversarial
verification of every claim against source and the live Supabase project.

- privacy-impact-assessment.md: clinical-data flow map, OpenAI egress +
  cross-border (US) analysis, per-table logging/redaction (M15 HMAC verified
  present but conditional), retention/purge (both crons verified live-active),
  Sydney data residency, storage access, APP/WA assessment, risk-ranked gaps.
- tenancy-defense-in-depth-review.md: all 33 API routes audited for a missed/
  bypassable owner_id filter (0 confirmed cross-tenant leaks), RPC SQL-body
  owner-filter table, response-cache analysis, and an honest cost/benefit on
  owner-scoped RLS as a second layer (fail-open RPC helper is the key caveat).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@supabase

supabase Bot commented Jul 6, 2026

Copy link
Copy Markdown

This pull request has been ignored for the connected project sjrfecxgysukkwxsowpy because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.


Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

Satisfies the required verify-job format:check gate (markdown tables and
emphasis normalized). No content changes.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@BigSimmo
BigSimmo marked this pull request as ready for review July 6, 2026 14:50
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@BigSimmo
BigSimmo enabled auto-merge July 6, 2026 14:51
@BigSimmo
BigSimmo merged commit 3f9299a into main Jul 6, 2026
5 checks passed
@BigSimmo
BigSimmo deleted the claude/privacy-tenancy-review branch July 8, 2026 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant